Stack pivoting is often exploited in return-oriented programming (ROP) attacks. ROP is a method of hijacking the execution flow of the current process by exploiting the return instruction, which, in many processor architectures, retrieves from the top of the stack the address of the next instruction to execute within the calling routine. Thus, by modifying the return address on the stack, an attacker can divert the execution flow of the current process to an arbitrary memory location.
Having hijacked the execution flow, the attacker can, for example, initialize the arguments and perform a library function call. This technique is known as “return-into-library.” In another example, the attacker can locate within the code segment several instruction sequences to be executed. This approach is known as “borrowed code chunks technique.”
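A defensive check that follows from the above, added here as an example and not part of the original text: a stack pivot moves the stack pointer out of the thread's legitimate stack region, so a sensitive call site (such as the library call mentioned above) can verify that the stack pointer still lies inside the bounds the threading library reports. It assumes Linux/glibc (pthread_getattr_np) and gcc/clang builtins; all function names are this example's own.

```c
#define _GNU_SOURCE
#include <pthread.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* pthread_getattr_np is a GNU extension; declared explicitly in case the
 * system headers were first included without _GNU_SOURCE in effect. */
int pthread_getattr_np(pthread_t, pthread_attr_t *);

/* Bounds [lo, hi) of the calling thread's legitimate stack (glibc query). */
int get_stack_bounds(uintptr_t *lo, uintptr_t *hi) {
    pthread_attr_t attr;
    void *base;
    size_t size;
    if (pthread_getattr_np(pthread_self(), &attr) != 0) return -1;
    int rc = pthread_attr_getstack(&attr, &base, &size);
    pthread_attr_destroy(&attr);
    if (rc != 0) return -1;
    *lo = (uintptr_t)base;
    *hi = (uintptr_t)base + size;
    return 0;
}

/* Core check: a stack pointer outside [lo, hi) has been pivoted away from
 * the real stack (e.g. onto a heap buffer holding a forged chain). */
int sp_is_pivoted(uintptr_t sp, uintptr_t lo, uintptr_t hi) {
    return !(sp >= lo && sp < hi);
}

/* Current frame address, which lives on whatever stack is in use now. */
static inline uintptr_t current_sp(void) {
    return (uintptr_t)__builtin_frame_address(0);
}

/* Returns 1 if pivoted, 0 if the stack pointer is legitimate, -1 if unknown. */
int stack_pivot_detected(void) {
    uintptr_t lo, hi;
    if (get_stack_bounds(&lo, &hi) != 0) return -1;
    return sp_is_pivoted(current_sp(), lo, hi);
}

int main(void) {
    uintptr_t lo, hi;
    printf("current stack pointer pivoted: %d\n", stack_pivot_detected());
    if (get_stack_bounds(&lo, &hi) == 0) {
        void *heap = malloc(4096);  /* constructed: a heap buffer posing as a stack */
        printf("heap address as stack pointer pivoted: %d\n",
               sp_is_pivoted((uintptr_t)heap, lo, hi));
        free(heap);
    }
    return 0;
}
```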